A method for modeling and quantifying the security attributes of intrusion tolerant systems

Authors:
Bharat B. Madan;Katerina Goševa-Popstojanova;Kalyanaraman Vaidyanathan;Kishor S. Trivedi
Affiliations:
Department of Electrical and Computer Engineering, Duke University, Durham, NC;Lane Department of Computer Science and Electrical Engineering, West Virginia University, Morgantown, WV;RAS Computer Analysis Laboratoty, Sun Microsystems, Inc., 9515 Towne Centre Drive, USAN 10-103, San Diego, CA;Department of Electrical and Computer Engineering, Duke University, Durham, NC
Venue:
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Year:
2004

Citing 6
Cited 33

A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior

IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security

IEEE Transactions on Software Engineering
Probability and statistics with reliability, queuing and computer science applications

Probability and statistics with reliability, queuing and computer science applications
Jini Specification

Jini Specification
Fault Tolerance: Principles and Practice

Fault Tolerance: Principles and Practice
Survivability: Protecting Your Critical Systems

IEEE Internet Computing

ANSWER: AutoNomouS netWorked sEnsoR system

Journal of Parallel and Distributed Computing
Security and Trust in IT Business Outsourcing: a Manifesto

Electronic Notes in Theoretical Computer Science (ENTCS)
An algorithm for the appraisal of assurance indicators for complex business processes

Proceedings of the 2007 ACM workshop on Quality of protection
Information Assurance: Dependability and Security in Networked Systems

Information Assurance: Dependability and Security in Networked Systems
TSR: trust-based secure MANET routing using HMMs

Proceedings of the 4th ACM symposium on QoS and security for wireless and mobile networks
Traffic Engineering Based Attack Detection in Active Networks

ICDCN '09 Proceedings of the 10th International Conference on Distributed Computing and Networking
A Method for Estimation of the Success Probability of an Intrusion Process by Considering the Temporal Aspects of the Attacker Behavior

Transactions on Computational Science IV
Software security analysis and assessment model for the web-based applications

Journal of Computational Methods in Sciences and Engineering
Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes

CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Quantified security is a weak hypothesis: a critical survey of results and assumptions

NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Quantitative evaluation of intrusion tolerant systems subject to DoS attacks via semi-Markov cost models

EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Optimizing security measures in an intrusion tolerant database system

ISAS'08 Proceedings of the 5th international conference on Service availability
A framework for security quantification of networked machines

COMSNETS'10 Proceedings of the 2nd international conference on COMmunication systems and NETworks
Formal approach to security metrics.: what does "more secure" mean for you?

Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Cyber security quantification model

Proceedings of the 3rd international conference on Security of information and networks
Security evaluation of layered intrusion tolerant systems

ASMTA'10 Proceedings of the 17th international conference on Analytical and stochastic modeling techniques and applications
State space approach to security quantification

COMPSAC-W'05 Proceedings of the 29th annual international conference on Computer software and applications conference
Performance analysis of hierarchical group key management integrated with adaptive intrusion detection in mobile ad hoc networks

Performance Evaluation
On design tradeoffs between security and performance in wireless group communicating systems

NPSEC'05 Proceedings of the First international conference on Secure network protocols
Towards autonomic mode control of a scalable intrusion tolerant architecture

ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Testing and validating machine learning classifiers by metamorphic testing

Journal of Systems and Software
Formal analysis of security metrics and risk

WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
A hybrid ranking approach to estimate vulnerability for dynamic attacks

Computers & Mathematics with Applications
Availability analysis of an IMS-based VoIP network system

ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
A self-healing mechanism for an intrusion tolerance system

TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Modeling and evaluating the survivability of an intrusion tolerant database system

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Ranking attack graphs

RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
OO Confidentiality: Confidentiality checking an object-oriented class hierarchy

Network Security
Calendar: Events Calendar

Network Security
An adaptive mode control algorithm of a scalable intrusion tolerant architecture

Journal of Computer and System Sciences
Towards a secure and available smart grid using intrusion tolerance

IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
A stochastic model of attack process for the evaluation of security metrics

Computer Networks: The International Journal of Computer and Telecommunications Networking
A Formal Framework for Patch Management

International Journal of Interdisciplinary Telecommunications and Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Complex software and network based information server systems may exhibit failures. Quite often, such failures may not be accidental. Instead some failures may be caused by deliberate security intrusions with the intent ranging from simple mischief, theft of confidential information to loss of crucial and possibly life saving services. Not only it is important to prevent and/or tolerate security intrusions, it is equally important to treat security as a QoS attribute at par with other QoS attributes such as availability and performance. This paper deals with various issues related to quantifying the security attributes of an intrusion tolerant system, such as the SITAR system. A security intrusion and the response of an intrusion tolerant system to an attack is modeled as a random process. This facilitates the use of stochastic modeling techniques to capture the attacker behavior as well as the system's response to a security intrusion. This model is used to analyze and quantify the security attributes of the system. The security quantification analysis is first carried out for steady-state behavior leading to measures like steady-state availability. By transforming this model to a model with absorbing states, we compute a security measure called the "mean time (or effort) to security failure" (MTTSF) and also compute probabilities of security failure due to violations of different security attributes.